Infosec

853 views
795 views

Published on

Published in: Technology, News & Politics
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
853
On SlideShare
0
From Embeds
0
Number of Embeds
28
Actions
Shares
0
Downloads
9
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Infosec

  1. 1. InfoSec Ahmad Aabed
  2. 2. Why InfoSec???  Nobody is perfect.  World is digitalized.  We are “System engineers,Programmers,Database administrators,Web developers”  At least we are “users”
  3. 3. Sniffing  Sniffer:computer software or computer hardware that can intercept and log traffic passing over a network or part of a network.  Depending on the network structure (hub or switch).
  4. 4. Spoofing  Is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage.  “URL spoofing and phishing,Dns spoofing,Arp spoofing,MITM,E-mail address spoofing,Ip spoofing,Mac Spoofing”
  5. 5. E-mail spoofing  Describes e-mail activity in which the sender address and other parts of the e-mail header are altered to appear as though the e-mail originated from a different source.
  6. 6. DNS spoofing  Is the art of making a DNS entry to point to an another IP than it would be supposed to point to.  DNS Cache Poisoning.  DNS ID Spoofing.  Birthday Paradox.
  7. 7. ARP spoofing  Faking the ARP message.  Associates the attacker's MAC address with the IP address of another machine.  Any traffic meant for that IP address would be mistakenly sent to the attacker.
  8. 8. Phishing  Attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity.  often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.
  9. 9. IP spoofing  The creation of IP packets with a spoofed source IP address with the purpose of concealing the identity of another machine.
  10. 10. MAC Spoofing  ifconfig eth0 down hw ether 00:00:00:00:00:00  Allows the bypassing of access control lists on servers or routers,
  11. 11. MITM  Attack in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other.
  12. 12. Session hijacking  Refers to the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system.
  13. 13. Dos attacks  Is an attempt to make a computer resource unavailable to its intended users.  prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely.  saturating the target (victim) machine with external communications requests, such that it cannot respond to legitimate traffic.
  14. 14. Dos attacks (cont)  ICMP flood (Smurf attack”Reflected attack”,Ping flood,Ping of death).  SYN flood.  login/logout.  Distributed attack.  Prevented by (switches,routers,firewall,ips).
  15. 15. Buffer overflow  Is an anomaly where a process stores data in a buffer outside the memory the programmer set aside for it.  1-overflow an input field, command-line argument, or input buffer.  2-overflow the current return address on the stack with address of the exploit code loaded in step 3.  3-write a simple set of code for the next space in the stack that includes attacker commands.
  16. 16. Exploits  Apiece of software, a chunk of data, or sequence of commands that take advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic.  Metasploit.  Coreimpact.
  17. 17. SQL injection  Is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters  “select * from `users` where `username` = '$userName' and `password` = '$password'”  What if user has entered his username as: ' + 1 = 1. Query where clause will be true, which will authenticate user in.
  18. 18. Password attacks  Bruteforce.  Dictionary.
  19. 19. DEMOS

×